Social media and DOD: To be or not to be?

The Defense Department continues to
send mixed signals about social-media tools. Just weeks after the Marine Corps banned the technology on all official computers and networks,
DOD launched a new home page that uses social media heavily, much like the White House’s
new Web site.

Hackers need social time, too

Social-networking sites have leapfrogged over government and law enforcement Web sites to become the No. 1 target of hackers. Sites such as Facebook and Twitter fall in the category of the most-attacked sites, accounting for 19 percent of all attacks on the Internet, according to a study by Breach Security. The study covers the first half of 2009.

Meanwhile, the results of the review
ordered by Deputy Defense Secretary William Lynn to examine the potential
threats and benefits associated with social media are due Aug. 31.

Several experts said DOD officials’ conflicted attitude toward the emerging
technology is to be expected.

“During the early days of e-mail, the DOD — and other agencies that are very
sensitive to security — was very nervous about having and using e-mail,” said
Scott Testa, a professor of business at Cabrini College in Philadelphia. “After a while, when there was
a comfort level, things loosened up.”

Testa said he expects the Marine Corps to ease its stance on social media and
DOD to take further steps to secure the technology.

Allowing unrestricted access to social media on military computers and networks
would be a mistake, said Rayford Vaughn, a professor of computer science and
engineering at Mississippi State University.
However, a full ban is not the solution, he added.

“Denial of all use of social networks by DOD would lead to the loss of use of
an important communication mechanism,” Vaughn said. “It makes sense to me to
use social networks to reach constituency groups for official business — veterans,
wounded warriors, recruiting — but not for personal use during the duty day on
government machines.”

Ultimately, DOD officials must provide ongoing training for employees to
safeguard their systems, said Rohyt Belani, chief executive officer of
Intrepidus Group and an instructor at Carnegie Mellon University.

“What they should focus on is educating their employees about the risks to
publicly exposing themselves and [their] professional and personal
affiliations,” Belani said. “They also need further education and reinforcement
about how computer use at home is different from computer use at work.”